Web browser technology has propelled the internet to what has now become a pervasive and nearly universal information superhighway whereby a wealth of information can be readily retrieved and delivered to any requesting end user. As the level of activities on the internet increases, more and more powerful tools are being demanded. In providing these tools, a platform independent programming language such as the Java language allows a program written in Java to be executed on any platform. In this manner, virtually any tool (i.e. program) can be delivered over the internet to a client site to perform a desired function at the client. Along with the increase in the level of activities on the internet, the need to exchange sensitive information over secured channels becomes important as well. For this reason, Netscape has developed the Secure Socket Layer (SSL) protocol. The primary goal of the SSL protocol is to provide privacy and reliability between two communicating applications. The protocol is comprised of two layers. At the lowest level is the SSL Record protocol, which is layered on top of some reliable transport protocol, such as for example the Transport Control Protocol (TCP), and is used for encapsulation of various higher level protocols. One such encapsulated protocol is the SSL Handshake protocol which allows the server and client to authenticate each other and negotiate an encryption algorithm and cryptographic keys before any data is communicated.
While the SSL protocol is designed for use in many applications, its main application has been with web browsers. By issuing an "https://" (Hypertext Transfer Protocol with SSL) addressing command to the web browser rather than an "http://" (Hypertext Transfer Protocol) command, a transaction through a secured communication channel is requested and the web browser responds accordingly by establishing a secured communication channel to carry out secured transactions between a client and a server.
However, in the case where an application is delivered from a server to a client, and the application wishes to open a separate secured communication channel from the client to any another machine, attention must be paid to the constraints in such a scenario, i.e., the application must be delivered to the client in the least amount of time to minimize overhead execution time and the application must have fast execution speed. In order to have an application delivered to a destination client in the least amount of time, the application has to be kept to a minimal size, which means that the algorithm for such an application must be conducive to be programmed using a minimal amount of code. Additionally, for an application to have fast execution speed, the algorithm has to be both small and efficient.
Prior art technologies using either the SSL protocol or other encryption tend to be bulky, requiring a significant amount of download time for delivery of the application, and tend to have slow execution time. Therefore, there is a need for an improved and more efficient method for establishing a secured communication channel between a client and a server.